Chinese hackers access major weapons systems

Originally posted by DarthFazer
First thought was how do the US Gov and Aussies know it was Chinese hackers to begin with? I mean did they leave a comment or a memento
from China to symbolize the hack job? Or were they so foolish as to use their own IP addresses like "Doh! forgot to use seven proxies"?

Like I will buy the idea our government's security is open to get hacked by anyone yet these governments in turn can back trace you even when they
violate security measures... yeah right!

Sounds like these unsecured supposed incompetent .gov servers are a honeypot with disinfo and fake schematics to maybe trap hackers and perhaps
sabotage them in the process.

Or it is all a ruse it never really happened and was a story made up to further these fascist agendas to clamp down on our internet privacy again.
Because whenever our governments goof it is us the people that end up suffering the consequences hence more legislation used against US!

Because this story does not make any sense whatsoever. Because we are all suspects being watched by cameras on every corner, spied on by
supercomputers underground in Langley VA. And made to believe these false events all the while being more than willing to turn the other cheek.

Either way we are being taken for a ride imho

edit on 29-5-2013 by DarthFazer because: (no reason given)

In an attempt to live by the ATS mantra, I will try to address some of your concerns. Also, I'm a Cybersecurity / Information Assurance professional
who works for the DoD/DoN.

First, you asked how do we know it was the Chinese? That's pretty simple. Everything that runs through the DoD is logged and audited. The problem is
that there is so much information that gets logged and audited that sifting through the massive sea of information usually happens after the fact -
not during an attack. It also takes time to conduct forensic analysis on the attack once it has been discovered to find out the extent of the damage /
loss.
You also asked if the Chinese were stupid enough to use their own IP Address...and the answer is yes, they are. According to the Pentagon and Mandiant
(a private sector firm) the Chinese support and promote state (read Government) sponsored cyber attacks. The Chinese Government officially denies it,
but the data found thus far proves without a doubt that the majority of these cyber attacks come from a Chinese Government building and unit. Google
Mandiant Chinese Report for further information, as it is quite detailed.

Second, you believe that our Government systems are open to be hacked but do not have the capability to trace where the attack originated from. The
Government does in fact have this capability. Every DOD System goes through rigorous security compliance, which includes something called "Audit
Trails". Audit trails are set up so that we can look back on any particular system and see what happened - for exactly situations such as these. Many
of them are sent to another server and backed up for later review (which makes it extremely difficult for a hacker to get in to the offsite server to
clean those logs and cover up what he has done).

Third, you hypothesize that the Government would set up honeypots with disinfo as to sabotage hackers.
Although that might be a viable protection mechanism, unfortunately I very seriously doubt with all the budget shortfalls that any sort of project
like that would ever take place within the Department. I can't confirm that they do or do not exist, as I honestly don't know. However I can say
that the manpower to do all of that work to set up these honeypots with disinfo in an attempt to lure hackers would cost a lot of money - and that is
something the DoD is in short supply of right now (even I'm about to be furloughed for 11 days).

In closing, I seriously doubt that this has anything to do with CISPA or Internet Privacy. While those are very important topics, I don't think there
is a corollary to this story.

The sad part about all of this, is that a system is only as secure as its weakest link (like the chain analogy). The problem is that almost 90% of
the time, the weakest link is the user of the system. I can't begin to count the number of times normal users of DoD systems click on a link and the
IDS (intrusion detection system) catches an attempt to hijack a user's browser and install backdoors and/or malware.

And as another astute member in here has been posting - the need to communicate with contractors / subcontractors is a REAL need. Sure we can host all
of the data on isolated stand alone systems (like in the movie Mission Impossible). However, with that comes higher cost of production and much longer
development times. You can't have it both ways unfortunately.

If it can be proven that it was the Chinese that did it, the first thing the United States should do is simply erase the debt it owes to China since
they saved so much in doing their own research and development. After that, tell them any more hacking and it's going to start affecting their imports
to this country.

Originally posted by ahnggk
Who's stupid enough to put classified blueprints on a machine that connects to the internet?

I used to join engineering competitions and do all my work on a machine with no internet connection whatsoever.

For my really classified work, I don't use a computer at all. Maybe use the computer to aid in calculations but I delete the files immediately after
use without making any back ups.

If collaborative effort is required, you could perhaps have engineers work under the same location under a LAN with no internet access, no wifi, and
with computers with no connectivity apart from cat-5 ports. But still, those measures cannot prevent an inside job.

Isn't it an act of war what the Chinese did??

Simply deleting something doesn't really remove it from the hard drive, just removes it from the table the OS uses to keep track of where everything
is. It's not deleted 'til it's removed from said table AND overwritten by the OS which could take some time making whatever you deleted still available
to those who know how to get to it. Tried to explain this in as non technical talk as I could, hope it helps. If you are really worried about your
stuff getting into the wrong hands there is software available that actually removes the data from the drive when you delete it.

Nah this is the story they run, when the military industrial complex wanted to get a much bigger black budget for continued development but were told
"NO" by the Pentagon. Now that these Chinese leaked the designs they get their new budget to do more experimenting…

Originally posted by boncho
I just picture an office building housing 20,000 Chinese hackers who work 18 hours a day with limited coffee breaks and pictures of Cecilia Cheung as
their desktop background.

And when they do get breaks, they have to mine gold for World of Warcraft.

If spying was considered an act of war the US v USSR cold war would not have stayed cold and we would all be dead, or never born, or living in a
bunker beneath a nuclear wasteland. It would also mean that the US is committing constant and countless acts of war (spying) against nearly every
government and non-government entity, domestic and foreign, on the planet. Thankfully, spying is just spying. It comes with the territory.

You can gain access to a network that isn't on the internet. Someone on the inside, a spy or a worker, can just hide a small but powerful rogue wireless
AP. In the government or corporate environment it's crucial to have a Wifi Internet Detection System in place. Or WIDS for short. They are basically a
customized built Access Point with custom firmware/software that is powerful enough to cover a wide range of signals and channels within the building's
footprint that it scans.

It seeks out rogue APs and the software alerts the admins. Or may even shut down the rogue AP and isolate it from doing anything on the network by
boxing it in with firewalls that block its IP. You can even set up what's called a dummy machine or honeypot machine to make hackers believe they have
infiltrated something when they really haven't. It's only to put them off long enough for the admins to pinpoint and triangulate the rogue AP's
signals using a signal analyzer.

edit on 30-5-2013 by sean because: (no reason given)

Networks are fickle bitches, containing users, which are a highly unpredictable group of idiots set out to make said network vulnerable.

It's weird that we support a force that eventually will wage war against us

China does not have much history of aggression. The article that you linked goes into detail about the hawks in the Chinese government, but money
rules and their opinions don't matter much. The hawks can pump themselves up for war all that they want, but it won't change the fact that the
Chinese economy relies on the US economy to exist. We are the primary destination for their exports, and their whole system is reliant on exports. Why
would they want to ruin that?

I don't doubt that there are some in their government who would like to occupy North America in the long term, but at this point they have better
ways to achieve that than through military aggression. If they stay on their current course of building their economy and focusing on a defensive
military they will eventually defeat the US without ever firing a shot. There is plenty to criticize in the Chinese government's domestic policies,
but their foreign policy is a model that others (including the US) could learn from.
